#!/usr/bin/python

###########################################################################
#									  #
# 	March 2013							  #
#									  #
#									  #
#	wwpwn.py is developed by vulnerab0wl				  #
#									  #
#	hosted on https://code.google.com/p/ww-pwn/ under GNU GPL v3	  #
#									  #
###########################################################################


import sys
import httplib
import socket
import datetime


banner = '''
               __      __  __      __        __      __       
	      /  \    /  \/  \    /  \______/  \    /  \____  
              \   \/\/   /\   \/\/   /\____ \   \/\/   /    \\
               \        /  \        / |  |_> >        /   |  \\
                \__/\  /    \__/\  /  |   __/ \__/\  /|___|  /
                     \/          \/   |__|         \/      \/ 

				      v1.0
				      
'''


disclaimer = '''
[+] YOU'RE USING THIS TOOL AT YOUR OWN RISK!

[+] It has been developed for informative purposes only, use it against\n    a website where you allowed to perform scans and security assessments,\n    I will not be responsable of the usage you make of this tool.

[+] By accepting this disclaimer you claim that you know what you are doing\n    and that you are fully responsable for it..


'''


usage = '''
[+] Run command directly from command line
    $ python wwpwn.py <url> (specify the url WITHOUT http:// before it)
    
    working example: $ python wwpwn.py www.example.com
    
    By default all the interesting staff found will be collected\n    in a html file in the current local folder

[+] Take a look at the disclaimer
    $ python wwpwn.py disclaimer
    
[+] Show info about authors
    $ python wwpwn.py credits
    
[+] Show general help and usage information
    $ python wwpwn.py help
    
    
'''


credits = '''
Author		   ---> vulnerab0wl <---



Website		   ---> http://feedyourhead.atervista.org/ <---


'''


welcome = '''
[+] This is wwpwn, it allows you to find interesting stuff on a website.
[+] Hint: Use 'wwpsn.py help' if you are in trouble.


'''


if  len(sys.argv) == 2 and sys.argv[1].startswith('www'):
	url = sys.argv[1]
        print banner+'\n\n'+disclaimer+'    Do you want to proceed? [y/n]'
	
	accept_in = raw_input('[!] Accept: ')
	try:
		accept = str(accept_in)
	except:
		print '[!] Something went wrong!'
		print '\n\n[!] Exiting. I\'m off ta-ta..  ^^\n'
		sys.exit(0)
	
	if (accept != 'y'):
		print '[!] I understand..'
		print '\n\n[!] Exiting. I\'m off ta-ta..  ^^\n'
		sys.exit(0)
	

	now = datetime.datetime.now()
	now = str(now)[:10]
	#print now
	
        
	try:
		conn = httplib.HTTPConnection(url)
		conn.request("GET", "/")
		print '\n\n\n'
		print '    Trying to get: http://'+url
		r1 = conn.getresponse()
		#conn.connect()
		conn.close()
		
		#print r1.status, r1.reason
	
		out = open(now+"_"+url+".html", "wb")
		out.close()
		
		if(r1.status == 200):
			print '\n[!] Got it! The main website is up and running..\n\n\n'
			outa = open(now+"_"+url+".html", "ab")
			outa.write("<html>\n\t<head>\n\t\t<title>interesting directories found by wwpwn</title>\n\t</head>\n\n<body>\n\t");
			outa.write( "\n\t<h3>Looking interesting directories for: <strong>"+url+"</strong></h3>\n\n");
			
		
	except (httplib.HTTPException, socket.error) as e:
   		print '[!] %s ' % e
   		print '\n\n[!] Exiting. I\'m off ta-ta..  ^^\n'
   		sys.exit(0)
   		
   	with open("directories-list-small.txt") as infile:
    		for dir in infile:
   				
   			try:
				conn = httplib.HTTPConnection(url)
				conn.request("GET", "/"+str(dir))
				toturl = 'http://'+url+'/'+str(dir)[:-1]
				print '    Trying to get: http://'+toturl
				r1 = conn.getresponse()
				response = r1.read()
				#print '   ',r1.status, r1.reason
				#conn.connect()
				conn.close()
		
				#print response
	
				if( (r1.status == 200) and (len(str(response)) > 0) ):
					print '\n[!] Got it! This one could be interesting..\n\n\n'
					#out = open("output.html", "ab")
					outa.write( "\t<h4>"+str(dir)[:-1]+" subdirectory found: <a href=\""+toturl+"\">"+toturl+"</a></h4>\n\n");
					#out.close()
		
			except (httplib.HTTPException, socket.error) as e:
   				print '' #'[!] %s ' % e

	#out = open("output.html", "ab")
	outa.write( "</body>\n\n</html>");
	outa.close()
	
	print '\n\n[!] Exiting. I\'m off ta-ta..  ^^\n'
	



elif len(sys.argv) == 2 and sys.argv[1] == 'help':
	print banner+usage+'\n[!] Exiting. I\'m off ta-ta..  ^^\n'

elif len(sys.argv) == 2 and sys.argv[1] == 'credits':
	print banner+'\n'+credits+'\n[!] Exiting. I\'m off ta-ta..  ^^\n'
	
elif len(sys.argv) == 2 and sys.argv[1] == 'disclaimer':
	print banner+disclaimer+'\n[!] Exiting. I\'m off ta-ta..  ^^\n'
	
elif len(sys.argv) > 2:
	print banner
	print '[!] You have inserted a wrong number of params, see the usage:\n\n'+usage+'\n[!] Exiting. I\'m off ta-ta..  ^^\n'

else:
	print banner+welcome+usage+'\n[!] Exiting. I\'m off ta-ta..  ^^\n'

